SQL> CREATE USER user01
IDENTIFIED BY oracle
DEFAULT TABLESPACE tbs1
TEMPORARY TABLESPACE temp
PROFILE default
SQL> GRANT create session, create table TO user01;
While executing the command to create a table, the user gets the following error message and the CREATE
TABLE.. command fails.
ERROR at line 1:
ORA-01950: no privileges on tablespace
表空间quota概述
Oracle 官网对quota的定义如下: A limit on a resource, such as a limit on the amount of database storage used by a database user. A database administrator can set tablespace quotas for each Oracle Database username
有关Oracle Quota 这块可以参考Oracle官方文档
http://download.oracle.com/docs/cd/E11882_01/network.112/e16543
quota的日常管理
常见问题
ORA-01536: space
ORA-01950: no privileges on tablespace
解决办法:
alter
alter
grant
注:quota是为了限制用户对表空间的使用,比如你限制用户Guotu在tablespace
所以你需要:
alter
alter
grant
dba_ts_quotas
与quota相关的数据字典视图为dba_ts_quotas,以下是相关的信息
Assigning a Tablespace Quota for the User
You can assign each user a tablespace quota for any tablespace (except a temporary tablespace). Assigning a quota accomplishes the following:
Users with privileges to create certain types of objects can create those objects in the specified tablespace.
Oracle Database limits the amount of space that can be allocated for storage of a user's objects within the specified tablespace to the amount of the quota.
By default, a user has no quota on any tablespace in the database. If the user has the privilege to create a schema object, then you must assign a quota to allow the user to create objects. At a minimum, assign users a quota for the default tablespace, and additional quotas for other tablespaces in which they can create objects.
可以使用下列语句来创建用户
CREATE USER jward
配额的指定可以禁止用户的对象使用过多的表空间
You can assign a user either individual quotas for a specific amount of disk space in each tablespace or an unlimited amount of disk space in all tablespaces. Specific quotas prevent a user's objects from using too much space in the database.
You can assign quotas to a user tablespace when you create the user, or add or change quotas later. (You can find existing user quotas by querying the USER_TS_QUOTAS view.) 。
(1)If a user has already exceeded a new tablespace quota, then the objects of a user in the tablespace cannot be allocated more space until the combined space of these objects is less than the new quota.
(2)If a user has not exceeded a new tablespace quota, or if the space used by the objects of the user in the tablespace falls under a new tablespace quota, then the user's objects can be allocated space up to the new quota.
Restricting the Quota Limits for User Objects in a Tablespace
You can restrict the quota limits for user objects in a tablespace by using the ALTER USER SQL statement to change the current quota of the user to zero.
For example, you could not insert data into one of this user's exiting tables. The operation will fail with an ORA-1536 space quota exceeded for tables error.
Granting Users the UNLIMITED TABLESPACE System Privilege
To permit a user to use an unlimited amount of any tablespace in the database, grant the user the UNLIMITED TABLESPACE system privilege. This overrides all explicit tablespace quotas for the user. If you later revoke the privilege, then you must explicitly grant quotas to individual tablespaces. You can grant this privilege only to users, not to roles.
Before granting the UNLIMITED TABLESPACE system privilege, you must consider the consequences of doing so.
Advantage:
You can grant a user unlimited access to all tablespaces of a database with one statement.
Disadvantages:
(1)The privilege overrides all explicit tablespace quotas for the user.
(2)You cannot selectively revoke tablespace access from a user with the UNLIMITED TABLESPACE privilege. You can grant selective or restricted access only after revoking the privilege.
Listing All Tablespace Quotas
Use the DBA_TS_QUOTAS view to list all tablespace quotas specifically assigned to each user. For example:
SELECT * FROM DBA_TS_QUOTAS;
----------
USERS
USERS
When specific quotas are assigned, the exact number is indicated in the MAX_BYTES column . This number is always a multiple of the database block size, so if you specify a tablespace quota that is not a multiple of the database block size, then it is rounded up accordingly. Unlimited quotas are indicated by -1.
注意当对用户赋予resource角色时将同时赋予unlimited tablespace的系统权限。详情见下文
创建用户
SQL> create user test_privs identified by test_privs default tablespace users;
User created.
SQL> select * from dba_sys_privs where GRANTEE='TEST_PRIVS';
no rows selected
赋予resource角色
SQL> grant resource to TEST_PRIVS;
Grant succeeded.
查询resource角色所具有的系统权限
SQL> select * from dba_sys_privs where GRANTEE='RESOURCE';
GRANTEE
------------------------------ ---------------------------------------- ---
RESOURCE
RESOURCE
RESOURCE
RESOURCE
RESOURCE
RESOURCE
RESOURCE
RESOURCE
查看用户所具有的角色
SQL> select * from dba_role_privs where GRANTEE='TEST_PRIVS';
GRANTEE
------------------------------ ------------------------------ --- ---
TEST_PRIVS
查询用户所具有的系统权限
SQL> select * from dba_sys_privs where GRANTEE='TEST_PRIVS';
GRANTEE
------------------------------ ---------------------------------------- ---
TEST_PRIVS
可以看到,Oracle默认的把unlimited tablespace的系统权限赋予了用户
查询表空间
SQL> select TABLESPACE_NAME,USERNAME,BYTES,MAX_BYTES from dba_ts_quotas;
TABLESPACE_NAME
------------------------------ ---------- ---------- ----------
INDX
SYSAUX
USERS
SYSAUX
SYSAUX
TRANS
可以看到对于具有unlimited tablespace系统权限的用户,在dba_ts_quota上没有体现。
这里补充说一句,一般创建用户时,如果没有特殊需求只要将resource和connect角色赋予用户即可。
SQL> select * from dba_sys_privs where GRANTEE= 'CONNECT';
ROLE
------------------------------ ---------------------------------------- ---
CONNECT
SQL> grant resource,connect to test_privs;
Grant succeeded.